| commit | 764702f788c3b59d1f9b21a8deec4fe37f680c1a | |
| author | Andrew Bartlett <abartlet@samba.org> | |
| Tue, 31 Jan 2023 00:29:05 +0000 (31 13:29 +1300) | ||
| committer | Jule Anger <janger@samba.org> | |
| Fri, 3 Feb 2023 09:35:08 +0000 (3 09:35 +0000) | ||
| tree | 78195476d020144f87fda2d2e79f78821cd083d8 | treesnapshot (tar.gz zip) |
| parent | 7c32d3d75aa31b868527d992e08e8d63fc76faac | commitdiff |
s4-drs: Make drs_ObjectIdentifier_to_dn() safer and able to cope with DummyDN values
We want to totally ignore the string DN if there is a GUID,
as clients like "Microsoft Azure AD connect cloud sync" will
set a literal "DummyDN" string.
RN: Use of the Azure AD Connect cloud sync tool is now supported for
password hash synchronisation, allowing Samba AD Domains to synchronise
passwords with this popular cloud environment.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 73f3ece8b2b44ac4b3323a08fb969f29bf2b0380)
We want to totally ignore the string DN if there is a GUID,
as clients like "Microsoft Azure AD connect cloud sync" will
set a literal "DummyDN" string.
RN: Use of the Azure AD Connect cloud sync tool is now supported for
password hash synchronisation, allowing Samba AD Domains to synchronise
passwords with this popular cloud environment.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=10635
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 73f3ece8b2b44ac4b3323a08fb969f29bf2b0380)